Show SSL error on SSL error page on firefox android
I frequently work with SSL certificates, so I need to be able to see what specific error prevents a secure connection. The desktop error page shown an error code like SEC_ERROR_REVOKED_CERTIFICATE either on the direct page, or in the advanced section. There is no such information on firefox android. Not only does it prevent me from working with firefox on my phone, I think it is a security issue to allow bypassing ssl errors without showning the reason they occured. There is a big difference between an expired certificate, a revoced certificate and a self signed certificate.
Is there a way to enable this information in about:config?
Все ответы (6)
Here is the current error page. I presume the code should be ERR_CERT_VALIDITY_TOO_LONG, but I can't tell.
PS: apparantly the js behind the "Add images" button on this page crashes when getting a file containing underscores or dots (outside of the file extension), which is why the image is in a separate reply.
Hi
I am sorry for the delay in coming back to you. What is the address of the site that you are trying to view?
localhost, as shown in the screenshot. In this specific case I am working on android system- and user-level CA authorities, which is why I can't use desktop Firefox to get the error code. The problem is more general, I do also work on public websites where, should a problem occur while I'm not home, I would also need this information to quickly diagnose the issue remotely. The behaviour for more regular domains is the same, I tested this on a few of the pages I work on (some public, some private, some local), as well as badssl.com
This is not guranteed to work, but you may wish to have a look at this add-on https://addons.mozilla.org/en-GB/firefox/addon/certainly-something/
You might be able to get it to work in Firefox for Android using this guide - https://blog.mozilla.org/addons/2020/09/29/expanded-extension-support-in-firefox-for-android-nightly/
Doesn't work, unfortunately. On mobile, the extension does nothing until I accept the bad certificate, and then after I have already trusted it it opens a new tab, but where on desktop there would be the certificate info, on mobile the page is just entirely blank. I assume, since the page on desktop looks suspiciously like the built-in cert viewer of firefox, that it tries to use that resource on mobile, which is simply not in the browser.
Not all add-ons are supported at present in Firefox for Android, but hopefully we can increase support for add-ons in a future update.